Back Apr 04, 2024

Meet Maura Pintor at our Tübingen AI Talk Series #6

We are delighted to announce the first speaker of the new semester in our Tübingen AI Talk series: Maura Pintor.

Portrait of Maura Pinto in front of the river Neckar in Tübingen — Maura Pintor (photo: private)

Details of the talk:

Date: April 4, 2024
Time: 11:00 a.m. - 12:00 p.m.
Location: Ground-floor lecture hall, Tübingen AI Center (Maria-von-Linden-Str. 6, 72076 Tübingen)

Talk title: Where ML security is broken and how to fix it

Abstract: Rigorous testing of machine learning models against test-time attacks is often impractical for modern deep learning systems. For these reasons, empirical methods, optimizing adversarial perturbations via gradient descent, are often used. To assess and mitigate the impacts of adversarial attacks, machine learning practitioners generate worst-case adversarial perturbations to test against their models. Yet, many proposed evaluations have proven to offer deceptive estimates of robustness, often failing under more thorough analysis. Although guidelines and best practices have been suggested to improve current adversarial robustness evaluations, the lack of automatic testing and debugging tools makes it difficult to apply these recommendations in practice and systematically. To this end, the analysis of failures in the optimization of adversarial attacks is the only valid strategy to avoid repeating mistakes of the past. Additionally, the continuous proposal of novel attacks results in overly optimistic and biased evaluations. To address this, we propose a comparison framework to evaluate and benchmark gradient-based attacks for optimizing adversarial examples, ensuring fair assessment and fostering advancements in ML security evaluations.

Bio: Maura Pintor is an Assistant Professor at the PRA Lab, in the Department of Electrical and Electronic Engineering of the University of Cagliari, Italy, Italy. She received her PhD in Electronic and Computer Engineering from the University of Cagliari in 2022. Her PhD thesis, "Towards Debugging and Improving Adversarial Robustness Evaluations", provides a framework for optimizing and debugging adversarial attacks. She was a visiting student at Eberhard Karls Universitaet Tuebingen, Germany, from March to June 2020 and at the Software Competence Center Hagenberg (SCCH), Austria, from May to August 2021. She is reviewer for ACM CCS, ECCV, ICPR, IJCAI, ICLR, NeurIPS, ACSAC, ICCV, ARES, and for the journals IEEE TIFS, IEEE TIP, IEEE TDSC, IEEE TNNLS, TOPS. She is co-chair of the ACM Workshop on Artificial Intelligence and Security (AISec), co-located with ACM CCS.